Deploying Json Crack in Smallworld GSS k8s Environment

This article is more for learning purposes than real-world practical scenario.

JSON Crack is a tool that generates graph diagrams from JSON objects. These diagrams are much easier to navigate than the textual format and to make it even more convenient, the tool also allows you to search the nodes. Additionally, the generated diagrams can also be downloaded or clipboard as image. Website

During GSS service development or debugging of bifrost logs, using json-crack is very handy, but as you may not have access to internet in the development server it makes sense to publish this app in your GSS cluster.

Steps

• Build Docker Image for Json-Crack node.js Application

• Push the Json Crack Docker Image to GSS Nexus Private Registry

• Create Secret for Json Crack k8s Deployment to pull the image from the Nexus Private Registry

• Create Json Crack NodePort Service and Deployment manifest files

Build Docker Image for Json-Crack node.js Application

The docker image is available here and can be pulled with below command,

docker pull aramideh/json-crack:v2.0.0

if you used the available docker image you can skip and go to the next step!

so, you decided to create the docker image! first step is cloning the git hub for the json-crack, In this article I'm using RHEL 7.9.

Clone the JsonCrack git repository

  git clone https://github.com/AykutSarac/jsoncrack.com.git

if git is not installed you can install it with this command ,

  sudo yum install git

In the cloned json-crack repository, Dockerfile should be available with below content.

# Builder
FROM node:14-buster as builder
WORKDIR /src
COPY . /src
RUN yarn install --legacy-peer-deps --network-timeout 600000
RUN yarn run build

# App
FROM nginxinc/nginx-unprivileged
COPY --from=builder /src/out /app
COPY default.conf /etc/nginx/conf.d/default.conf

There is a minor change from the original Docker file, for yarn install section, I added network-timeout property because in my lab environment I got timeout error.

While writing this article the json-crack version was 2.0.0, so we used below docker command to create and tag the image,

docker build -t aramideh/json-crack:v2.0.0 .

Push the Docker Image to GSS Nexus Private Registry

login to the private nexus registry

docker login push.$(hostname --fqdn):30443 -u admin -p dummy
docker login pull.$(hostname --fqdn):30443 -u admin -p dummy

In the above commands it is assumed the port for nexus private registry is 30443 and username 'admin' and password is 'dummy'. If the parameters is different for your environment you need to change them based on your GSS environment.

Retag the image for nexus repository

docker image tag aramideh/json-crack:v2.0.0 push.$(hostname --fqdn):30443/smallworld-docker/json-crack:v2.0.0

push to nexus private registry

  docker push push.$(hostname --fqdn):30443/smallworld-docker/json-crack:v2.0.0

if these steps are successful, you should be able to see the image in nexus

Create Secret for Json Crack k8s Deployment to pull the image from the Nexus Private Registry

In this step we will create a secret for Json-Crack Deployment so K8s can pull the images from the private nexus repository,

first we create json-crack namespace in our cluster,

kubcetl create ns json-crack

you can create the secret with the below command,

kubectl create secret docker-registry regsecret --docker-server=pull.$(hostname --fqdn):30443 --docker-username=admin --docker-password=dummy -n json-crack

Please note that if the parameters are different in your environment you need to modify the above command. Regarding the namespace if you change it in the command, you need to modify the deployment yaml file to reflect this change.

Create Json Crack NodePort Service and Deployment manifest files

For our deployment we are publishing Json-Crack on port 30444 using a NodePort Service.

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: json-crack-client-deployment
  namespace: json-crack
  labels:
    service: json-crack-client
spec:
  replicas: 1
  selector:
    matchLabels:
      service: json-crack-client
  template:
    metadata:
      labels:
        service: json-crack-client
    spec:
      hostAliases:
      - ip: "192.168.0.10"
        hostnames:
        - "rehl-k8s-server"
      containers:
      - name: json-crack-client-pod
        image: pull.rehl-k8s-server:30443/smallworld-docker/json-crack:v2.0.0
      imagePullSecrets:
      - name: regsecret
---
apiVersion: v1
kind: Service
metadata:
  name: json-crack-client-service
  namespace: json-crack
  labels:
    service: json-crack-client
spec:
  selector:
    service: json-crack-client
  ports:
    - port: 80
      targetPort: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
  creationTimestamp: "2023-01-20T00:22:22Z"
  generation: 1
  name: json-crack
  namespace: json-crack
  resourceVersion: "1332646"
  uid: 9ba52495-f63c-4a2d-bffc-973a4de979a2
spec:
  ingressClassName: nginx
  rules:
  - host: json-crack.YOUR-SERVER-NAME
    http:
      paths:
      - backend:
          service:
            name: json-crack-client-service
            port:
              number: 80
        path: /
        pathType: Prefix
status:
  loadBalancer: {}

save the above code in json-crack.yaml file, and edit YOUR-SERVER-NAME in the json-crack.YOUR-SERVER-NAME to reflect your server fully qualified domain name.

note the regsecret which we referenced in the imagePullSecrets of our deployment.

DONE! you can apply the the manifest file with below command,

kubectl -f apply json-crack.yaml

Manifest file can be downloaded from here

now you can check if Json Crack node.js app is accessible from client.

https://json-crack.YOUR_GSS_SERVER_FQDN:30444/editor

If you are using self signed certificates, remember to add json-crack.YOUR-SERVER-NAME to the list of the host names in the hosts files, both in linux and another machine you are browsing from.